package com.jianz.campus_markets.filter;

import com.jianz.campus_markets.domain.entity.LoginUser;
import com.jianz.campus_markets.utils.RedisCache;
import com.jianz.campus_markets.utils.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

/**
 * @author Jianz
 * @version 1.0
 * @Description  弃用
 * @Email jianz8153.gmail.com
 * @Date 2023/11/27 5:43
 */
//@Component
public class CheckPermissionInterceptor implements HandlerInterceptor {

    @Autowired
    private RedisCache redisCache;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 1 获取userId
        Long userId = SecurityUtils.getUserId();
        // 2 上redis中获取用户信息
        LoginUser loginUser = redisCache.getCacheObject("login:" + userId);
        // 3 判断是否是超管
        if(loginUser.getUser().getType().equals("1")){
            return true;
        }
        // 4 获取当前访问的方法
        if(handler instanceof HandlerMethod){
            HandlerMethod handlerMethod = (HandlerMethod)handler;
            Method method = handlerMethod.getMethod();
            // 5 获取方法上注解
            // 6 上redis中获取用户拥有的权限表达式集合

            // 7 如果不在集合中返回{ code:403,state:"fail",msg:"没有权限",date:null}
        }


        return true;
    }
}
